[ Build and deploy an effective line of defense against corporate intruders with InfoWorld's Encryption Deep Dive PDF expert guide. Download it today! | Stay up to date on the latest security developments with InfoWorld's Security Report newsletter. ]

"On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers cards were possibly compromised as a result," Neiman Marcus said in an emailed statement.

"We have begun to contain the intrusion and have taken significant steps to further enhance information security," the company said.

Neiman Marcus didn't say how the break in occurred or how many of its customers were affected, but it confirmed some customers' card numbers were used improperly after they shopped at the store.

"We are taking steps, where possible, to notify customers whose cards we know were used fraudulently after purchasing at our stores," the company said via Twitter late Friday.

Neiman spokeswoman Ginger Reeder said she couldn't provide any further details at this time. The store apparently confirmed the break-in after being contacted by security reporter Brian Krebs on Friday.

The incident follows a massive data breach at Target, another major U.S. retailer. Target originally said about 40 million people were affected in that incident, but on Friday it said the number could be as high as 110 million, or about one-third of the U.S. population.

In addition to credit and debit card numbers, thieves also took customer names, mailing addresses, phone numbers or email addresses, Target said in a statement released Friday.

James Niccolai covers data centers and general technology news for IDG News Service. Follow James on Twitter at @jniccolai. James's e-mail address is james_niccolai@idg.com